| Commit message (Collapse) | Author | Files | Lines |
|---|
|
from 2.3.0 to 2.3.1.
Bump PORTREVISION.
ChangeLog: https://github.com/TeslaGov/ngx-http-auth-jwt-module/compare/2.3.0...2.3.1
|
|
<ChangeLog>
*) 1.28.x stable branch.
*) Bugfix: nginx could not be built by gcc 15 if ngx_http_v2_module or
ngx_http_v3_module modules were used.
*) Bugfix: nginx might not be built by gcc 14 or newer with -O3 -flto
optimization if ngx_http_v3_module was used.
</ChangeLog>
|
|
Bump PORTREVISION.
|
|
... to its recent snapshot.
Bump PORTREVISION.
|
|
Bump PORTREVISION.
|
|
o) update sticky-module-ng to it's recent snapshot by
changing provider;
o) add http-auth-jwt module.
Bump PORTREVISION.
|
|
to their recent snapshots or versions:
o) push-stream
o) http_substitutions_filter
o) upload
o) upload-progress
o) upstream_check
o) mod_zip
o) naxsi
o) rds-csv
o) rds-json
o) redis2
o) rtmp
o) set-misc
o) sflow
o) srcache
o) vts
o) xss
Bump PORTREVISION.
|
|
to their recent snapshots or versions:
o) array-var
o) aws_auth
o) ct
o) echo
o) dynamic_upstream
o) encrypted-session
o) headers_more
o) http-auth-digest
o) auth-ldap
o) auth_pam
o) eval
o) fancyindex
o) geoip2
o) ip2location
o) http_json_status
o) passenger
Bump PORTREVISION.
|
|
o) stream-lua to 0.0.16;
o) memc to 0.20.
Bump PORTREVISION.
|
|
- remove NJS_QJS and NJS_XML knobs, always build such components
- add arguments to NJS' configure
- remove needless patches
- the port depends on devel/pcre2, so move `--with-ld-opt' to the
main configure level
Bump PORTREVISION.
|
|
Bump PORTREVISION for the www/unit.
<ChangeLog>
nginx modules:
*) Feature: implemented shared dictionary for QuickJS engine.
*) Improvement: js_preload_object is refactored.
*) Bugfix: fixed limit rated output.
*) Bugfix: optimized use of SSL contexts for
js_fetch_trusted_certificate directive.
Core:
*) Feature: implemented process object for QuickJS engine.
*) Feature: implemented process.kill() method.
*) Bugfix: fixed tests with libxml2 2.13 and later.
*) Bugfix: fixed promise resolving when Promise is inherited.
*) Bugfix: fixed absolute scope in cloned VMs.
</ChangeLog>
|
|
<ChangeLog>
Changes with njs 0.8.7 22 Oct 2024
nginx modules:
*) Bugfix: eliminated unnecessary VM creation.
Previously, njs consumed memory proportionally to the number of
nginx locations. The issue was introduced in 9b674412 (0.8.6).
*) Improvement: added strict syntax validation for js_body_filter.
*) Improvement: improved error messages for module loading
failures.
Core:
*) Feature: implemented fs.readlink() and friends.
*) Improvement: implemented lazy stack symbolization.
*) Bugfix: fixed heap-buffer-overflow in Buffer.prototype.indexOf().
The issue was introduced in 5d15a8d6 (0.8.6).
*) Bugfix: fixed Buffer.prototype.lastIndexOf() when `from` is
provided.
Changes with njs 0.8.6 02 Oct 2024
nginx modules:
*) Feature: introduced QuickJS engine.
*) Feature: added optional nocache flag for js_set directive.
Thanks to Thomas P.
*) Feature: exposed capture group variables in HTTP module.
Thanks to Thomas P.
Core:
*) Feature: added Buffer module for QuickJS engine.
*) Bugfix: fixed handling of empty labelled statement in a function.
*) Bugfix: fixed Function constructor handling when called without
arguments.
*) Bugfix: fixed Buffer.prototype.writeInt8() and friends.
*) Bugfix: fixed Buffer.prototype.writeFloat() and friends.
*) Bugfix: fixed Buffer.prototype.lastIndexOf().
*) Bugfix: fixed Buffer.prototype.write().
*) Bugfix: fixed maybe-uninitialized warnings in error creation.
*) Bugfix: fixed 'ctx.codepoint' initialization in UTF-8 decoding.
*) Bugfix: fixed 'length' initialization in Array.prototype.pop().
*) Bugfix: fixed handling of encode arg in fs.readdir() and
fs.realpath().
</ChangeLog>
|
|
<ChangeLog>
*) Feature: SSL certificates, secret keys, and CRLs are now cached on
start or during reconfiguration.
*) Feature: client certificate validation with OCSP in the stream
module.
*) Feature: OCSP stapling support in the stream module.
*) Feature: the "proxy_pass_trailers" directive in the
ngx_http_proxy_module.
*) Feature: the "ssl_client_certificate" directive now supports
certificates with auxiliary information.
*) Change: now the "ssl_client_certificate" directive is not required
for client SSL certificates verification.
</ChangeLog>
|
|
Bump PORTREVISION.
|
|
Bump PORTREVISION.
|
|
Also, release third-party passenger module from the pcre1 users
list, it builds fine with pcre2.
Bump PORTREVISION.
|
|
Bump PORTREVISION.
PR: 278951
|
|
Update third-party passenger module to 6.0.22.
<ChangeLog>
*) Security: when using HTTP/3, processing of a specially crafted QUIC
session might cause a worker process crash, worker process memory
disclosure on systems with MTU larger than 4096 bytes, or might have
potential other impact (CVE-2024-32760, CVE-2024-31079,
CVE-2024-35200, CVE-2024-34161).
Thanks to Nils Bars of CISPA.
*) Feature: variables support in the "proxy_limit_rate",
"fastcgi_limit_rate", "scgi_limit_rate", and "uwsgi_limit_rate"
directives.
*) Bugfix: reduced memory consumption for long-lived requests if "gzip",
"gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used.
*) Bugfix: nginx could not be built by gcc 14 if the --with-atomic
option was used.
Thanks to Edgar Bonet.
*) Bugfixes in HTTP/3.
<ChangeLog>
|
|
Fix building third-party naxsi module.
<Changelog>
*) Feature: virtual servers in the stream module.
*) Feature: the ngx_stream_pass_module.
*) Feature: the "deferred", "accept_filter", and "setfib" parameters of
the "listen" directive in the stream module.
*) Feature: cache line size detection for some architectures.
Thanks to Piotr Sikora.
*) Feature: support for Homebrew on Apple Silicon.
Thanks to Piotr Sikora.
*) Bugfix: Windows cross-compilation bugfixes and improvements.
Thanks to Piotr Sikora.
*) Bugfix: unexpected connection closure while using 0-RTT in QUIC.
Thanks to Vladimir Khomutov.
</Changelog>
|
|
Bump PORTREVISION.
|
|
Fixes: b2ad75a2b920e1659afd54e5313e46f1f35bcd28
|
|
Change GH location for the third-party video-thumbextractor module.
The size of the new distro is much bigger just because it contains
many tests.
PR: 277155
|
|
o) update third-party brotli module to the latest snapshot.
Bump PORTREVISION.
|
|
o) update third-party lua module to 0.10.26;
o) update third-party headers-more module to latest snapshot;
o) remove third-party http_mp4_h264 module, legacy and undownloadable.
Bump PORTREVISION.
|
|
o) lua 0.10.25 -> 0.10.26rc1
o) passenger 6.0.18 -> 6.0.19
Bump PORTREVISION.
|
|
Bump PORTREVISION.
|
|
Change the distribution point to GH/wargio due to inactivity
in GH/nbs-system.
Update patches.
Bump PORTREVISION.
|
|
Bump PORTREVISION.
|
|
Special thanks to: pluknet
Bump PORTREVISION.
|
|
Bump PORTREVISION for www/nginx-devel.
<ChangeLog>
* Adds support for arm (aarch64) rpm packages.
* Adds Ubuntu 23.04 "Lunar" packages, removes Ubuntu 22.10
"Kinetic" packages.
* Removes packages for Debian 9 "Stretch" (EOL June 2022).
* [RPM] Changes to building Nginx module packages for the latest
supported Nginx module stream instead of the default.
* [Ruby] Makes Passenger more resilient to invalid byte sequences
when loading the Ruby native extension. Contributed by Drew Wells.
* [Ruby] Add an `unhandled_exception_before_exit` event callback.
Contributed by James Tomson.
* [Nginx] Upgrades preferred Nginx to 1.24.0 from 1.22.1.
* Updated various library versions used in precompiled binaries
(used for e.g. gem installs):
- cmake: 3.25.1 -> 3.26.4
- curl: 7.87.0 -> 8.1.2
- git: 2.39.0 -> 2.41.0
- gnupg: 2.4.0 -> 2.4.2
- libgcrypt: 1.10.1 -> 1.10.2
- libgpg_error: 1.46 -> 1.47
- openssl: 3.0.7 -> 3.1.1
- rubygems: 3.4.3 -> 3.4.13
- zstd: 1.5.2 -> 1.5.5
- rubies:
- 2.7.7 -> 2.7.8
- 3.0.5 -> 3.0.6
- 3.1.3 -> 3.1.4
- 3.2.0 -> 3.2.2
</ChangeLog>
|
|
Enable HTTPv3 protocol by default.
Remove third-party clojure module due to a build issue.
The OpenSSL compatibility layer, which emulates BoringSSL
QUIC API for OpenSSL, is enabled by default, and 0-RTT is
not supported in this mode.
Alternativly, it's possible to build nginx with a third-party
library from ports tree, that provides QUIC support:
o) BoringSSL
o) LibreSSL
o) QuicTLS
<Changelog>
*) Feature: experimental HTTP/3 support.
</Changelog>
|
|
Bump PORTREVISION.
|
|
o) clojure to 0.6.0;
o) vts to its recent commit on GH.
Bump PORTREVISION.
|
|
Resurrect GSSAPI radio button for http_auth_krb5 module, last one
builds just fine with both implementations now.
While I'm here:
o) sort pkg-plist;
o) update portscout.
Bump PORTREVISION.
|
|
Remove the following broken third-party modules:
o) dynamic_hc
o) small_light
|
|
Bump PORTREVISION.
PR: 270523
|
|
Bump PORTREVISION for www/nginx-devel.
|
|
Bump PORTREVISION.
|
|
Remove the upstreamed patch.
Bump PORTREVISION.
|
|
Update third-party passenger module for www/nginx-devel. (*)
Bump PORTREVISION. (*)
|
|
Update HTTPv3/QUIC patch.
<Changelog>
*) Bugfix: an error might occur when reading PROXY protocol version 2
header with large number of TLVs.
*) Bugfix: a segmentation fault might occur in a worker process if SSI
was used to process subrequests created by other modules.
Thanks to Ciel Zhao.
*) Workaround: when a hostname used in the "listen" directive resolves
to multiple addresses, nginx now ignores duplicates within these
addresses.
*) Bugfix: nginx might hog CPU during unbuffered proxying if SSL
connections to backends were used.
</Changelog>
|
|
It's possible now to build NGINX HTTPv3/QUIC implementation with
another the LibreSSL 3.6.0.
Bump PORTREVISION.
|
|
Update third-party Passenger module for www/nginx-devel.
|
|
o) update third-party lua module 0.10.21 -> 0.10.22
o) update third-party http_shibboleth to the recent commit
Bump PORTREVISION.
|
|
Bump PORTREVISION.
|
|
Bump PORTREVISION.
PR: 265969
|
|
Update the HTTPv3/QUIC patch.
<Changelog>
*) Feature: memory usage optimization in configurations with SSL
proxying.
*) Feature: looking up of IPv4 addresses while resolving now can be
disabled with the "ipv4=off" parameter of the "resolver" directive.
*) Change: the logging level of the "bad key share", "bad extension",
"bad cipher", and "bad ecpoint" SSL errors has been lowered from
"crit" to "info".
*) Bugfix: while returning byte ranges nginx did not remove the
"Content-Range" header line if it was present in the original backend
response.
*) Bugfix: a proxied response might be truncated during reconfiguration
on Linux; the bug had appeared in 1.17.5.
</Changelog>
|
|
Reported by: pluknet
Patch from: pluknet
Bump PORTREVISION.
|
|
Bump PORTREVISION.
|
|
Bump PORTREVISION.
Thanks to pluknet.
|
